Here is the user login form:
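<?php
// Login form page: it only opens the session.
// The username is deliberately NOT copied from $_POST into $_SESSION here. Nothing has been
// verified at this point, and this page is not the form target (the form below posts to
// checklogin.php), so $_POST['username'] is normally not even set when this page runs.
// $_SESSION['username'] should be written only by the code that has checked the credentials.
session_start();
?>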
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Art</title>
<link href="styles/lery2.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
a:link {
color: #09C;
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #09C;
}
a:hover {
text-decoration: underline;
}
a:active {
text-decoration: none;
}
-->
</style></head>
<div align="center">
<body>
<div class="mainbody">
<div class="header1"></div>
<div class="storeeditleftsidebar"><br />
<br />
</div>
<br />
<br />
<br />
<br />
<span class="titlefont">Member sign in </span><br />
<span class="blackfont"><br />
sign in here. </span><br />
<br />
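<!-- Login form. The credentials are POSTed to checklogin.php; serve this page and that
     endpoint over HTTPS so the password is not sent in clear text. -->
<!-- The form wraps the table (a <form> is not valid directly inside <tr>), and the username
     <input> tag is now properly closed. -->
<form name="form1" method="post" action="checklogin.php">
<table width="300" border="0" align="left" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username" /></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password" id="password" /></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login" /></td>
</tr>
</table>
</td>
</tr>
</table>
</form>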
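<?php
// checklogin.php - checks the posted username/password against the artist table and,
// only when exactly one row matches, marks the session as logged in and redirects.
session_start();

$host = "localhost";   // Host name
$username = "";        // MySQL username
$password = "";        // MySQL password
$db_name = "";         // Database name
$tbl_name = "artist";  // Table name (a fixed constant, never taken from the request)

// Connect to server and select database.
// mysqli replaces the mysql_* extension, which was removed in PHP 7 and has no prepared statements.
$mysqli = mysqli_connect($host, $username, $password) or die("cannot connect");
mysqli_select_db($mysqli, $db_name) or die("cannot select DB");

// Username and password sent from the form. A missing or non-string field
// (for example an array parameter) is treated as empty so it can never match a row.
$myusername = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
$mypassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

// The values are bound as parameters, so they never become part of the SQL text.
// stripslashes()/mysql_real_escape_string() are therefore no longer needed; stripslashes()
// would also silently alter any password that contains a backslash.
//
// NOTE(review): comparing the submitted password with the column value implies passwords are
// stored unhashed. Store password_hash() output and check it with password_verify() instead;
// that needs a migration of the existing rows, so it is not changed here.
$stmt = mysqli_prepare($mysqli, "SELECT username FROM $tbl_name WHERE username = ? AND password = ?")
    or die("cannot prepare query");
mysqli_stmt_bind_param($stmt, "ss", $myusername, $mypassword);
mysqli_stmt_execute($stmt);
mysqli_stmt_store_result($stmt);

// Number of rows that matched both username and password; a valid login is exactly 1.
$count = mysqli_stmt_num_rows($stmt);
mysqli_stmt_close($stmt);

if ($count == 1) {
    // Issue a fresh session id at the privilege change so a pre-login id cannot be reused.
    session_regenerate_id(true);

    // session_register("username") bound the *global* $username to the session, which in this
    // script is the MySQL account name, not the visitor; session_register() was also removed
    // in PHP 5.4. Store the verified login name explicitly, and keep passwords out of the session.
    $_SESSION['username'] = $myusername;

    header("location:listtest5.php");
    exit; // stop here so nothing else runs after the redirect header
}

header("location:userlogin_error.php");
exit;
?>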
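<?php
// Category browser: builds $categoryList (links to every category) and, when the cat_id
// request parameter names an existing category, $content (the items of that category).
session_start();

// HTML-encode a value for element content and quoted attributes. Category titles, item
// titles, usernames and photo paths come from the database and may have been user-supplied.
$h = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

//connect to database
$mysqli = mysqli_connect("", "", "", "");
if (!$mysqli) {
    // Log the detail server-side; do not show driver errors to visitors.
    error_log("Database connection failed: " . mysqli_connect_error());
    die("A database error occurred.");
}

//Set the selected category (only a plain string parameter is accepted)
$selected_cat = (isset($_GET["cat_id"]) && is_string($_GET["cat_id"])) ? $_GET["cat_id"] : false;

// Both buffers are appended to below, so start them empty instead of relying on undefined variables.
$categoryList = "";
$content = "";

//show categories first
$get_cats_sql = "SELECT cat_id, cat_title FROM category ORDER BY cat_id";
$get_cats_res = mysqli_query($mysqli, $get_cats_sql);
if (!$get_cats_res) {
    error_log("Category query failed: " . mysqli_error($mysqli));
    die("A database error occurred.");
}

if (mysqli_num_rows($get_cats_res) < 1) {
    $categoryList = "<p><em>Sorry, no categories to browse.</em></p>";
} else {
    //Display the categories
    while ($cats = mysqli_fetch_array($get_cats_res)) {
        // PHP_SELF reflects the requested path, so it is encoded like any other request data.
        $cat_link = $h($_SERVER['PHP_SELF'] . "?cat_id=" . rawurlencode((string) $cats['cat_id']));
        $categoryList .= "<a href=\"{$cat_link}\">" . $h($cats['cat_title']) . " <br /></a>\n";

        // Strict string comparison: the request value must be exactly an id this page links to.
        if ($selected_cat !== false && (string) $cats['cat_id'] === $selected_cat) {
            //get items - the category id is bound as a parameter, never placed in the SQL text.
            // NOTE(review): $pages is not defined anywhere in this listing; if it is a paginator
            // set up elsewhere, its ->limit must be a server-built LIMIT clause and must never
            // contain request text, because it is still concatenated into the statement.
            $get_items_sql = "SELECT id, photo, username, title, price, date FROM product WHERE cat_id = ? ORDER BY date $pages->limit";
            $get_items_stmt = mysqli_prepare($mysqli, $get_items_sql);
            if (!$get_items_stmt) {
                error_log("Item query failed: " . mysqli_error($mysqli));
                die("A database error occurred.");
            }
            mysqli_stmt_bind_param($get_items_stmt, "s", $selected_cat);
            mysqli_stmt_execute($get_items_stmt);
            mysqli_stmt_store_result($get_items_stmt);
            mysqli_stmt_bind_result(
                $get_items_stmt,
                $item_id,
                $item_photo,
                $item_username,
                $item_title,
                $item_price,
                $item_date
            );

            if (mysqli_stmt_num_rows($get_items_stmt) < 1) {
                $content = "<p><em>Sorry, no items in this category.</em></p>\n";
            } else {
                // set the maximum width of the image here
                $maxWidth = 100;

                $content .= "<ul>\n";
                while (mysqli_stmt_fetch($get_items_stmt)) {
                    $item_url = $h("items3.php?id=" . rawurlencode((string) $item_id));
                    $safe_title = $h(stripslashes((string) $item_title));
                    $safe_price = $h($item_price);
                    $safe_photo = $h($item_photo);
                    $safe_username = $h($item_username);
                    $safe_date = $h($item_date);

                    // NOTE(review): getimagesize() opens whatever path or URL is stored in the
                    // photo column; make sure that column can only hold server-controlled paths.
                    $size = getimagesize($item_photo);

                    // The original "if ($width > $maxWidth);" ended in a stray semicolon, so the
                    // test did nothing. Cap the width at $maxWidth and keep narrower images at
                    // their own width; fall back to $maxWidth when the size cannot be read.
                    $displayWidth = ($size !== false && $size[0] > 0 && $size[0] < $maxWidth) ? (int) $size[0] : $maxWidth;

                    // The image cell's <td> is now closed before the title cell starts.
                    $content .= "<table width=\"603\" border=\"0\"><tr><td width=\"101\"> <a href=\"{$item_url}\">
<img alt=\"Image\" border=0 width=\"{$displayWidth}\" src=\"{$safe_photo}\" /></a></td><td width=\"201\"> <a href=\"{$item_url}\">{$safe_title}</a></td>
<td width=\"109\">{$safe_username}</td><td width=\"101\"> {$safe_date}</td><td width=\"99\"> \${$safe_price} USD </td></tr></table>";
                    $content .= "\n";
                }
                $content .= "</ul>\n";
            }
            mysqli_stmt_close($get_items_stmt);
        }
    }
}
?>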
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Art</title>
<link href="styles/sgallery2.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
a:link {
color: #09C;
text-decoration: none;
}
a:visited {
text-decoration: none;
color: #09C;
}
a:hover {
text-decoration: underline;
}
a:active {
text-decoration: none;
}
-->
</style></head>
<div align="center">
<body>
<div class="mainbody">
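<div class="header1">
<?php
// The session username originates from the login form, so HTML-encode it before output.
// A visitor who is not logged in has no username in the session; print nothing in that case.
echo htmlspecialchars(isset($_SESSION['username']) ? (string) $_SESSION['username'] : '', ENT_QUOTES, 'UTF-8');
?></div>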
<div class="leftsidebar"><span class="titles"> Art Categories</span><br />
<br />
<?php echo $categoryList; ?>
<br />